Common Attack Pattern Enumeration and Classification
A Community Resource for Identifying and Understanding Attacks
An attacker sends an ICMP Information Request to a host to determine if it will respond to this deprecated mechanism. ICMP Information Requests are a deprecated message type that no has any use. Information Requests were originally used for diskless machines to automatically obtain their network configuration, but this message type has been superseded by more robust protocol implementations like DHCP.
Target Attack Surface Description
Targeted OSI Layers: Network Layer
Target Attack Surface Localities
Target Attack Surface Types: Network Host
The ability to send custom ICMP queries. This can be accomplished via the use of various scanners or utilities.
[R.296.1] [REF-20] Stuart McClure, Joel Scambray and George Kurtz. "Hacking Exposed: Network Security Secrets & Solutions". Chapter 2: Scanning, pp. 44-51. 6th Edition. McGraw Hill. 2009.
[R.296.2] [REF-23] J. Postel. "RFC792 - Internet Control Messaging Protocol". Defense Advanced Research Projects Agency (DARPA). September 1981. <http://www.faqs.org/rfcs/rfc792.html>.
[R.296.3] [REF-24] R. Braden, Ed.. "RFC1122 - Requirements for Internet Hosts - Communication Layers". October 1989. <http://www.faqs.org/rfcs/rfc1122.html>.
[R.296.4] [REF-28] Mark Wolfgang. "Host Discovery with Nmap". November 2002. <http://nmap.org/docs/discovery.pdf>.
[R.296.5] [REF-22] Gordon "Fyodor" Lyon. "Nmap Network Scanning: The Official Nmap Project Guide to Network Discovery and Security Scanning". Section 3.7.2 ICMP Probe Selection, pg. 70. 3rd "Zero Day" Edition,. Insecure.com LLC, ISBN: 978-0-9799587-1-7. 2008.
More information is available — Please select a different filter.